Backdoor – Page 18 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Abandoned Eval PHP WordPress plugin abused to backdoor websites

Threat actors were observed installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. Researchers from Sucuri warned that threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. The Eval PHP plugin allows PHP code to be inserted into the pages and posts of WordPress […]

The post Abandoned Eval PHP WordPress plugin abused to backdoor websites appeared first on Security Affairs.

April 23, 2023

0 comment

Following the Lazarus group by tracking DeathNote campaign

The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. In this blog, we’ll focus on an active cluster that we dubbed DeathNote.

April 12, 2023

0 comment

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.

April 3, 2023

0 comment

New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. Researchers believe that threat actors use spear […]

The post New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict appeared first on Security Affairs.

March 22, 2023

0 comment

Bad magic: new APT found in the area of Russo-Ukrainian conflict

In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.

March 21, 2023

0 comment

Inadequate patches and advisories increase cyber risk

Trend Micro’s overall threat detections increased by 55%, and the number of blocked malicious files surged by 242% due to indiscriminate targeting by threat actors who went after both consumers and organizations in all sectors. Trends for 2022 an…

March 9, 2023

0 comment

China-aligned APT is exploring new technology stacks for malicious tools

ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. This backdoor is part of an ongoing campaign that ESET can trace back to early January 2023. Execution graph showing the subpro…

March 7, 2023

0 comment

Threat landscape for industrial automation systems for H2 2022

In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%.

March 6, 2023

0 comment

Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities

By Deeba Ahmed
The new MQTTang backdoor is capable of evading detection, making it an even bigger threat to victims.
This is a post from HackRead.com Read the original post: Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities

March 3, 2023

0 comment

Microsoft Exchange admins advised to expand antivirus scanning

After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those servers. Microsoft Exchange servers in attackers’ crosshairs Cyber attacke…

February 27, 2023

0 comment

1 … 16 17 18 19